From: "Alex Prestin" <wakkoat_private> > So, anyone have any idea of how to deal with this latest little spammer > toy? Is there any effective way to filter out web bugs without adversely > affecting the delivery intact of legitimate messages? Could software > change to at least warn viewers that this HTML viewer is accessing offsite > content? Is it worth doing? Hmm... I found a way to prevent image bugs/trackers from loading in Outlook Express. If you add your favorite mail server(s) to ZoneAlarm's "local network" hosts, then disable Outlook's ability to access the Internet (but leave intact Outlook's permission to access the "local network"), then mail can be received, but foreign images cannot load. Of course, this affects ALL images in ALL e-mail, but you asked for 'any idea' on how to prevent this. :-) BTW: The more I use ZoneAlarm, the more I like it. http://www.zonealarm.com/ (No, I don't work for them.) Daryl Banttari Author, "Daryl's TCP/IP Primer" http://www.ipprimer.com/ ----- Original Message ----- From: "Alex Prestin" <wakkoat_private> To: <bugtraqat_private> Sent: Saturday, August 18, 2001 5:17 AM Subject: HTML email "bug", of sorts. I'm not sure this is the proper forum for "conspiracy-theory" bugs, but I figured this would be of interest to anyone trying to prevent the names of valid email accounts they either own or administer from being verified and added to "official" known-good spam rosters. You may have heard of "web-bugs" before. Or you may not have. For the benefit of the less-experienced, here's what they are and what they do: "Web bugs" are small, 1x1 (or similar-sized) transparent GIF images which can be used to track the movement of a user around the web. About 1 in 10 sites use them. Their effectiveness at this task is somewhat questionable, but they can be used more effectively for a different task: I've started noticing something very disturbing in the HTML in spam mails recently. I've started seeing web bugs. Below is an example from a recent email: <img src="http://www.megahardcoresex.com/sites/XXXXXXXX0 (continued) 3b/sf03b08152001.gif?M=XXXXXXXXX&ID=wakkoat_private" width="1" height="1"> See it? A web bug. If I opened this mail in an HTML-capable browser, that little image would've popped up and I would've been none the wiser. My address would also have been verified by the sender, and stored in a large database of valid recipients. So, anyone have any idea of how to deal with this latest little spammer toy? Is there any effective way to filter out web bugs without adversely affecting the delivery intact of legitimate messages? Could software change to at least warn viewers that this HTML viewer is accessing offsite content? Is it worth doing? Anyone? Bueller? - A.P.
This archive was generated by hypermail 2b30 : Sun Aug 19 2001 - 16:46:36 PDT